SAML Single Sign-On (SSO)

Overview

SAML Single Sign-On (SSO) makes it easy for your team to access Fyno using your centralized identity provider (IdP). Everyone can log in seamlessly through the company’s primary authentication system, such as Okta, AWS, or Google Workspace, without needing separate passwords.

After SAML is enabled, users can:

  • Open your company’s IdP (for example, Okta or AWS).
  • Click on the Fyno application.
  • Get logged in automatically.

You control access from one place:

  • If you give someone access, they can use Fyno.
  • Just-in-Time (JIT) access lets your team sign in to Fyno using your company’s identity provider. Users get instant access when they log in, and access is removed immediately when they’re removed from your IdP or when they leave the organisation.

How to Set Up SAML in Fyno

Prerequisites:

Before starting, make sure you have:

  • Admin access to your Identity Provider (IdP).
  • Ability to download or copy your SAML Signing Certificate from your IdP.
1

Get the Signing Certificate from Your Identity Provider

  • Go to your Identity Provider’s SAML application or SSO configuration section.
  • Locate the Signing Certificate (it may also be called):
    • X.509 Certificate
    • Public Certificate
    • SAML Certificate
    • Metadata
  • Export or download the certificate in .xml format.
2

Email the Certificate to Fyno

3

Receive Configuration Details from Fyno

Fyno will send you the following values:

  • ACS URL (Assertion Consumer Service URL) / Recipient URL / Destination URL
  • Audience / Entity ID
  • Custom ID (generated by the Fyno team)

These values are unique to your organization and environment.

4

Configure Your Identity Provider

  • Configure your Identity Provider using the values received in Step 3.
  • Make sure:
    • NameID format is set to Email Address
    • The user’s email is sent as the primary identifier.
5

Test the SAML Login

  • Try logging in to Fyno using your IdP → Applications section.
  • If login succeeds, SAML is configured correctly.

Note: For more details or support, reach out to us at support@fyno.io.

Example: How to configure: